Today, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic and Clinical…
Category: Health Data
French pharmaceutical firm involved in packaging anti-COVID vaccines hit by cyberattack
On December 9, the European Medicines Agency reported that it had been a victim of a cyberattack. The announcement was of significant concern because EMA was considering was issuing authorizations for several COVID-19 vaccines. The next day, Pfizer announced that some documents it had submitted to EMA as part of that process had been involved…
Ca: Olympia House notifying patients about ransomware attack discovered in early August
On August 10, DataBreaches.net reported that Olympia House, an alcohol rehabilitation and drug treatment center in Petaluma, California had apparently been attacked by NetWalker ransomware threat actors but had not responded to an inquiry by this site. By November 9, Olympia House still had not posted any statement on their site or press release, and…
VA: Konikoff Dental Associates notifies patients and employees of possible data breach
WAVY reports: Konikoff Dental Associates Harbour View released a statement on its website warning patients of a possible data breach. The statement says the dentistry became aware of the incident on October 11 and it may affect the security of personal information for some patients and employees. Read more on WAVY. The dental practice’s full…
Survey: To Report or Not Report Health Care Data Breaches
To Report or Not Report Health Care Data Breaches December 11, 2020 Amanda Walden, PhD, RHIA, CHDA , Kendall Cortelyou-Ward, PhD , Meghan Hufstader Gabriel, PhD , Alice Noblin, PhD, RHIA, CCS, PMP The American Journal of Managed Care, December 2020, Volume 26, Issue 12 This study presents information regarding the decisions that health care privacy officers make about reporting a data breach, including…
Norwegian DPA imposes administrative fine to Østfold HF Hospital
From EDPB on November 25: The Norwegian Data Protection Authority has decided on an administrative fee of NOK 750,000 to Østfold HF Hospital. The background is that in the period 2013-2019, the hospital stored report extracts from patient records outside the safe zone. The case started with a notice of personal data breach from the…